package com.rsa.boot.controller;

import cn.hutool.core.util.RandomUtil;
import com.rsa.boot.entiry.User;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author tanghailan
 * @date 2020-10-21 18:53
 */
@RestController
@RequestMapping("order")
@Slf4j
public class OrderController {
    /**
     * 注册
     * @return
     */
    @RequestMapping("save")
    @RequiresRoles("admin")
    public String save(){
        Subject subject = SecurityUtils.getSubject();
        if (subject.hasRole("admin")){
            System.out.println("保存订单！");
        }else {
            System.out.println("无权访问!");
        }
        //基于权限字符串
        return "redirect:/index .jsp";
    }
}
